Connect with us

News

NCC-CSIRT identifies two cyber attacks via Facebook, charging phones

Published

on

Nasiru Yusuf

The Nigerian Communications Commission’s Cyber Security Incident Response Team (NCC-CSIRT) has independently identified two cyber vulnerabilities and advised Nigerian telecom consumers on the measures to be taken to get protected from the cyber-attacks.

KANO FOCUS reports that the CSIRT, in its first-ever security advisories less than three months after its creation, has solely identified the two cyber-attacks targeting the consumers and proffer solutions that can help telecom consumers from falling victims to the two cyber vulnerabilities.

This is contained in a statement sent to KANO FOCUS by Director, Public Affairs Dr. Ikechukwu Adinde on Friday.

The statement said the first is described as Juice Jacking, which can gain access into consumers’ devices when charging mobile phones at public charging stations and it applies to all mobile phones.

The other is a Facebook for Android Friend Acceptance Vulnerability, which targets only Android Operating System.

According to CSIRT security Advisory 0001 released on January 26, 2022, with Juice Jacking, attackers have found a new way to gain unauthorized entry into unsuspecting mobile phone users devices when they charge their mobile phones at public charging stations.

Many public spaces, restaurants, malls and even in the public trains do offer complementary services to their customers in a bid to enhance customer services, one of which is providing charging ports or sockets.

However, an attacker can leverage this courtesy to load a payload in the charging station or on the cables they would leave plugged in at the stations.

“Once unsuspecting persons plug their phones at the charging station or the cable left by the attacker, the payload is automatically downloaded on the victims’ phone.

“This payload then gives the attacker remote access to the mobile phone, allowing them to monitor data transmitted as text, or audio using the microphone. The attacker can even watch the victim in real time if the victims’ camera is not covered. The attacker is also given full access to the gallery and also to the phone’s Global Positioning System (GPS) location.

“When an attacker gains access to a user’s Mobile phone, he gets remote access to the User’s phone which leads to breach in Confidentiality, Violation of Data Integrity and bypass of Authentication Mechanisms. Symptoms of attack may include sudden spike in battery consumption, device operating slower than usual, apps taking a long time to load, and when they load they crash frequently and cause abnormal data usage,” the statement said.

It added that the NCC-CSIRT, however, proffered solutions to this attack to include using ‘charging only USB cable’, to avoid Universal Serial Bus (USB) data connection; using one’s AC charging adaptor in public space; and not granting trust to portable devices prompt for USB data connection.

Other preventive measures against Juice Jacking, according to the statement include installing Antivirus and updating them to the latest definitions always; keeping mobile devices up to date with the latest patches; using one’s own power bank; keeping mobile phone off when charging in public places; as well as ensuring use of one’s own charger, if one must charge in public.

On the other hand, the NCC-CSIRT Advisory 0001 of January 27, 2022, warns that Facebook for Android is vulnerable to a permission issue which gives privilege to anyone with physical access to the android device to accept friend requests without unlocking the phone. The products affected include Versions 329.0.0.29.120 of Android OS.

With this, the attacker will be able to add the victim as a friend and collect personal information of the victim, such as Email, Date of Birth, Check-ins, Mobile phone number, Address, Pictures and other information that the victim may have shared, which would only be visible to his/her friends.

However, to be protected from the Facebook-associated vulnerability, NCC-CSIRT in the security advisory recommends to users to disable the feature from their device’s lock screen notification settings.

The NCC-CSIRT was inaugurated in October, 2021 to provide guidance and direction for the constituents in dealing with issues relating to the security of critical infrastructure in their possession, and periodically assess, review and collate the threat landscape, risks, and opportunities affecting the communications sector, in order to provide advice to relevant stakeholders in those regards.

As the telecoms-industry specific intervention, the objective of which aligns with the objective of the National Cybersecurity Policy and Strategy (NCPS) document published by the Office of the National Security Adviser (ONSA), the NCC-CSIRT ensures continuous improvement of processes and communication frameworks to guarantee secure and collaborative exchange of timely information while responding to cyber threats within the sector.

In recent times, NCC-CSIRT has raised series of cyber-vulnerability awareness based on security advisories it receives from the Nigerian Cybersecurity Emergency Response Team (ngCERT), which is the national body for the implementation of the NCPS objective. However, Juice Jacking and Facebook for Android Friend Acceptance Vulnerabilities are the two first-ever cyber vulnerabilities published by the NCC-CSIRT.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

News

Gov. Yusuf appoints Dr. Aminu Magashi co-chair of Kano anti-drug abuse task force

Published

on

 

 

Nasiru Yusuf Ibrahim

 

Kano State Governor, Alhaji Abba Kabir Yusuf, has appointed renowned public health expert, Dr. Aminu Garba Magashi, as Co-Chair of the Kano State Anti-Drug Abuse Task Force in a renewed effort to combat substance abuse and related social vices across the state.

 

KANO FOCUS reports that the appointment was announced in a statement issued on Monday by the Director-General, Media and Publicity, Government House, Kano, Sunusi Bature Dawakin Tofa.

 

According to the statement, the appointment underscores the administration’s commitment to strengthening collaboration with civil society organisations, public health professionals and other stakeholders in tackling the growing menace of drug abuse, particularly among young people.

 

Governor Yusuf also disclosed plans by the state government to establish a mobile court dedicated to the speedy prosecution of drug-related offences and other social crimes.

 

He said the initiative is aimed at ensuring swift justice, strengthening law enforcement and serving as a deterrent to offenders.

 

The governor expressed confidence that Dr. Magashi’s extensive experience in public health policy, social protection and community development would enhance the effectiveness of the task force and support the government’s efforts to build a safer, healthier and drug-free Kano.

 

Dr. Magashi is the President of the Africa Health Budget Network and a respected civil society advocate with decades of experience in healthcare, public policy and community development.

 

As part of efforts to strengthen the task force, Governor Yusuf also approved the inclusion of a representative of the Kano State Sharia Commission in its membership to ensure that its activities conform with Islamic guidance.

 

The state government said the latest measures form part of broader efforts to address drug abuse, improve public safety and protect communities from the social and economic consequences of substance abuse.

 

Continue Reading

News

Gov. Yusuf tasks media on truthful reporting, patriotism

Published

on

Nasiru Yusuf Ibrahim

Kano State Governor, Alhaji Abba Kabir Yusuf, has called on conventional and social media practitioners to promote factual reporting, patriotism and active citizen participation as part of efforts to deepen democracy and strengthen public trust.

KANO FOCUS reports that the governor made the call on Monday while declaring open the maiden Arewa Media Summit held at the Coronation Hall, Government House, Kano. The summit was organised by the Office of the Senior Special Assistant to the President on Media and Public Enlightenment in collaboration with the Kano State Government.

 

A statement issued by the Governor’s Chief Press Secretary, Mustapha Muhammad, quoted Governor Yusuf as saying that the media must remain committed to truth, bridge generational divides, amplify the voices of the people and encourage responsible civic engagement.

 

He described the theme of the summit, Government, Citizens’ Accord, Accountability, Responsibility and Ethical Media Practice, as timely, noting that it provides an opportunity to strengthen governance, accountability and public confidence through ethical journalism.

 

According to the governor, responsible journalism and access to credible information are critical to national development and the successful implementation of government policies and reforms.

 

Governor Yusuf said his administration has continued to support media development by protecting press freedom and creating an enabling environment for journalism to thrive.

 

He listed the establishment of Northern Nigeria’s first Online Media Chapel, sponsorship of information officers for registration with the Nigerian Institute of Public Relations (NIPR), and the registration of journalists with the Nigerian Society of Broadcasters (NSB) among the state’s achievements in advancing professional journalism.

 

The governor also commended the Minister of Information and National Orientation, Mohammed Idris, for strengthening information management across the country, and praised the Senior Special Assistant to the President on Media and Public Enlightenment, Abdulaziz Abdulaziz, for promoting professionalism and ethical journalism through the summit.

 

In his remarks, the Minister of Information and National Orientation said the future of Northern Nigeria depends not only on investments in infrastructure and agriculture but also on credible journalism, responsible communication and effective storytelling.

 

Also speaking, Abdulaziz Abdulaziz said the summit was organised to promote accuracy, fairness and professionalism in reporting government activities while strengthening the relationship between government, citizens and the media.

 

Delivering the vote of thanks, the Director-General, Media and Publicity, Government House, Kano, Sunusi Bature Dawakin Tofa, said Governor Yusuf’s sustained investment in the training and retraining of media practitioners has enhanced journalism practice in the state.

 

KANO FOCUS reports that the summit attracted the Deputy Governor of Kano State, Alhaji Murtala Sule Garo, ministers, lawmakers, academics, media professionals and participants from across Northern Nigeria.

 

Continue Reading

News

Kano launches free 48-hour emergency treatment scheme for accident victims, other critical cases

Published

on

 

Nasiru Yusuf Ibrahim

 

The Kano State Government has introduced a free emergency medical treatment programme that provides eligible patients with lifesaving care for the first 48 hours at designated hospitals across the state.

 

KANO FOCUS reports that the initiative, being implemented through the Kano State Emergency Medical Services and Ambulance System (KN-SEMSAS) under the Ministry of Health, is designed to ensure that victims of medical emergencies receive prompt treatment without financial barriers.

 

According to information released by the state government, the scheme covers children under the age of five, including newborns with emergency conditions, road traffic accident victims, gunshot injuries, snakebite cases, drowning incidents, fire-related injuries, building collapse victims, communal clash casualties and other weapon-related injuries.

 

The programme also includes obstetric and neonatal emergency referrals from Kano State’s 18 MAMII local government areas through the SaveMAMA referral system.

 

Under the initiative, emergency treatment is provided free of charge for the first 48 hours at accredited Emergency Medical Treatment Centres (EMTCs) across the state.

 

The government advised patients or their relatives to contact the KN-SEMSAS Emergency Call Centre before or immediately upon arrival at an accredited hospital to obtain an authorisation code, while stressing that emergency treatment should not be delayed while the code is being processed.

 

Residents were urged to use the national toll-free emergency line 112 or the state’s dedicated emergency numbers 09019999920 and 09049999914 to request ambulance services and access the programme.

 

The accredited hospitals participating in the scheme include Aminu Kano Teaching Hospital (AKTH), National Orthopaedic Hospital, Dala, Muhammad Abdullahi Wase Teaching Hospital (MAWTH), Murtala Muhammad Specialist Hospital, Sir Muhammad Sanusi Specialist Hospital, Sheikh Muhammad Jidda General Hospital, Waziri Shehu Gidado General Hospital, MDS Hospital, Zak Clinic, MGK Hospital and Khadijat Memorial Hospital.

 

The state government said the initiative forms part of ongoing efforts to strengthen emergency healthcare delivery and improve access to lifesaving medical services for residents.

 

It called on members of the public to take advantage of the programme and share information about the emergency treatment scheme to enable more residents to benefit from the free services.

 

Continue Reading

Trending